(54) System and method for router virtual networking



(57) A host router 10 is logically partitioned into virtual router domains 12, 14, 16 that manage independent
processes 22, 23, 24, 25, 26 and routing application copies but share a common operating system 18, 20.
Each v-net manages an independent set of sockets 32, 33, 34, 35, 36 and host router interfaces 42, 43, 45, each
associated with only one v-net at one time, but interchangeably repartitionable. Traffic is removed from an
interface during repartitioning. Duplicate arrays of global variables copied to each v-net are accessed by macro
references. A v-net facility can separate route tables 46, 48, 50 used internally from the externally visible route
tables and can avoid conflicts between internal and external IP addresses 13, 15, 17 that share the same
identifier. For example, a common FreeBSD operating system supports a dynamic routing protocol (DRP)
application 23, 25. Each v-net runs an independent copy of the DRP software and is logically independent. A
failure in one DRP copy does not adversely affect other copies.



[FIGURE 1 (drawing not reproduced): host router 10 divided into an INTERNAL MANAGEMENT DOMAIN, VIRTUAL ROUTER 1
and VIRTUAL ROUTER 2. Each domain shows, at USER level 18, its applications (MANAGEMENT APPLICATION, DRP
APPLICATION, SNMP AGENT APPLICATION) with a DESCRIPTOR LIST and, at KERNEL level 20, SOCKETs, ROUTING TABLES,
OTHER VIRTUALIZED VARIABLES, an INTERFACE LIST and NET INTERFACEs, each tagged with a Vnet ID.]



Printed by Jouve, 75001 PARIS (FR) 



EP 1 271 861 A2 



Description 

RELATED APPLICATIONS 

[0001] This application is related to co-pending and commonly assigned U.S. Application Serial Number 09/703,057,
entitled "System And Method For IP Router With an Optical Core," filed October 31, 2000, the disclosure of which is
hereby incorporated herein by reference.

TECHNICAL FIELD 


[0002] This application relates to the field of communication networks, and particularly to large-scale routers for 
optical communication networks. 

BACKGROUND 


[0003] Transmission Control Protocol (TCP) is an underlying connection protocol that is typically used for all types
of network communication. A route is essentially the mapping of an IP address to an egress port of a router. Different
network routers set up connections with their peer routers using operating systems, for example Border Gateway
Protocol (BGP) over TCP or OSPF (Open Shortest Path First) over Internet Protocol (IP) to determine that they get
route information from their peers, allowing them to construct essentially an internal map of the network and to select
the route that they should use, as well as verification that their peers are operating correctly. This is accomplished by
sending various keep-alive packets back and forth to make sure that their peers are still correctly functioning. Routes
are used internally within a router, for example a Master Control Processor (MCP) communicates through an Ethernet
control network (CNET) within a router with the shelf control processors, each of which have individual IP addresses.
Processes including routing applications, for example Dynamic Routing Protocol (DRP), run on these operating
systems. Sockets are end points of communication associated with a process. A particular process can have more than
one socket.

[0004] In a router with a large number of ports, for example 320 ports, that communicates with peer routers, it is
advantageous to subdivide that single large router logically into several smaller virtual routers, each of which can be
individually configured. There can be separate departments in a large company, or an Internet provider wanting to
partition a large router among clients, for example for security reasons. However, previous implementations of
subdividing routers having large numbers of ports have been cumbersome.

SUMMARY OF THE INVENTION 


[0005] The present invention is directed to a system and method which logically partition a host router into virtual 
router domains that run independent processes and routing application copies but share a common operating system. 
Each v-net domain manages an independent set of interface ports. Each process manages an independent set of 
sockets. 

[0006] In some embodiments a v-net domain architecture is used to partition a host router. Some v-net domains
support virtual routers, whereas other v-net domains support only internal router processes and management
applications. Thus, not every v-net domain supports a virtual router. A single v-net domain can support more than one
process. A v-net facility can advantageously separate route tables used internally from the externally visible routes,
making network management easier and more transparent. With separate v-net domains for example, the IP address
of an internal shelf control processor does not conflict with the same IP address that is assigned elsewhere on the
Internet. In a v-net implementation, duplicate arrays of global variables are instantiated in each virtual router domain
and are accessed by macro references.

[0007] A common FreeBSD operating system running on the MCP supports a dynamic routing protocol (DRP)
application. Each new virtual router is independently managed by its own copy of the DRP application for as many virtual
routers as exist. If something goes awry in one DRP copy, it does not affect other copies. Each v-net domain manages
a separate set of the interfaces associated with the host router, which provide connections to peer routers. For example,
if a host router has 320 ports, one v-net domain can manage 120 ports or interfaces, and another v-net domain can
manage another 120 ports. All of these ports and interfaces can be interchangeably partitioned. For each Synchronous
Optical Network (SONET) port on a line card, there is an interface (IF) data structure in FreeBSD that represents that
SONET port. Any interface can be associated with only one v-net at one time, but can be moved among v-nets to
reconfigure the host router. Traffic is removed from an interface while it is being moved. At a high level the host router
is partitioned, and each partition normally is managed by an independent copy of the DRP software. In an administrative
sense, each of these partitions is logically independent.

[0008] Certain activities are still managed across the entire host router, for example failure reporting of hardware in
the host router, which is machine specific, and therefore is a resource shared by all of the partitions.

[0009] This partitioning also allows the routes between the individual components such as the line cards and
processors internal to a router to be contained in route tables separate from externally visible routes. Partitioning the router
also facilitates testing, such that one partition might be used for normal network traffic and another might be used to
test for example new software or new network configurations for new types of protocols. Additionally, a degree of
redundancy is achieved, such that failure of one partition generally does not adversely affect another partition sharing
the same host router.

[0010] Various aspects of the invention are described in co-pending and commonly assigned U.S. Application Serial
Number 09/703,057, entitled "System And Method For IP Router With an Optical Core," filed October 31, 2000, the
disclosure of which has been incorporated herein by reference.

[0011] The foregoing has outlined rather broadly the features and technical advantages of the present invention in
order that the detailed description of the invention that follows may be better understood. Additional features and
advantages of the invention will be described hereinafter which form the subject of the claims of the invention. It should
be appreciated by those skilled in the art that the conception and specific embodiment disclosed may be readily utilized
as a basis for modifying or designing other structures for carrying out the same purposes of the present invention. It
should also be realized by those skilled in the art that such equivalent constructions do not depart from the spirit and
scope of the invention as set forth in the appended claims. The novel features which are believed to be characteristic
of the invention, both as to its organization and method of operation, together with further objects and advantages will
be better understood from the following description when considered in connection with the accompanying figures. It
is to be expressly understood, however, that each of the figures is provided for the purpose of illustration and description
only and is not intended as a definition of the limits of the present invention.

BRIEF DESCRIPTION OF THE DRAWING 


[0012] For a more complete understanding of the present invention, reference is now made to the following
descriptions taken in conjunction with the accompanying drawing, in which:

FIGURE 1 is a logical diagram illustrating the principles of router virtual networking, according to an embodiment
of the present invention.

DETAILED DESCRIPTION 

[0013] In embodiments of the present invention, a host network router is logically partitioned into multiple virtual
networking domains sharing a common operating system. FIGURE 1 is a logical diagram illustrating the principles of
router virtual networking, according to an embodiment of the present invention. In the implementation of FIGURE 1, a
host router 10 is logically partitioned into v-net domains 12, 14, and 16 that are associated with networking systems.
Each v-net 12, 14, 16 has a unique v-net ID address 13, 15, 17, in accordance with network protocols. Host router 10
and each of v-nets 12, 14, 16 are further logically subdivided into two spaces, shown in FIGURE 1 separated horizontally
by a solid line, namely a user level 18 and a kernel level 20 of the shared common operating system (OS), for example
a version of FreeBSD. The present FreeBSD operating system runs on the host router Master Control Processor (MCP),
described for example in U.S. Application Serial Number 09/703,057, entitled "System And Method For IP Router With
an Optical Core," filed October 31, 2000, cited above, the disclosure of which has been incorporated herein by
reference, and the dynamic routing protocol (DRP) application software runs on top of FreeBSD.

[0014] An operating system contains within it logical notions called processes 22-26, for example Internet
Management Application 22, DRP 23, 25, or Simple Network Management Protocol (SNMP) agent application 24, 26, running
on v-nets 12, 14, and 16. Different individual v-nets can manage the same, different, single, or multiple processes.
V-net domains 14 and 16, each running DRP and SNMP processes, are virtual routers, whereas v-net domain 12, running
only an internal management application, is not a virtual router. The present FreeBSD operating system supports
multiple processes, among which are DRP 23, 25, SNMP 24, 26, and Internal Management Application 22. Each
process occupies some user level space 18 and also some operating system kernel level space 20. User level space
18 includes the application and the values of all the application variables (not shown in FIGURE 1), whereas OS or
kernel level space 20 of the process includes internal data that the kernel maintains with each process. Typical examples
of internal kernel data include descriptors or descriptions of open files and the ID of the user that owns the process,
attributes that are added to each process associated with a particular v-net.

[0015] Among other things associated with a particular v-net are interfaces, for example interfaces 42-1 through 42-3
associated with v-net 12. An interface represents for example a particular physical hardware Ethernet card, gigabit
Ethernet card, or SONET line card interconnected with a remote router. This allows partitioning of host router interfaces,
such that for example interfaces 42-1 through 42-3 contain v-net ID 13 of v-net 12 with which they are associated.
V-net domain 12 maintains an interface list 42-0 pointing to interfaces 42-1 through 42-3. Similarly v-net domain 14
maintains an interface list 43-0 pointing to interfaces 43-1 through 43-3 carrying v-net ID 15 of v-net domain 14, and
v-net domain 16 maintains an interface list 45-0 pointing to interfaces 45-1 through 45-3 carrying v-net ID 17 of v-net
domain 16.

[0016] Each process 22-26 can create sockets, which are end points of communication associated with a process,
for example sockets 32-1 through 32-3 associated with process 22 in v-net domain 12. A particular process can have
more than one socket. Each socket has a v-net ID associated with it, for example sockets 32-1 through 32-3 each
contain v-net ID 13 of v-net 12. In v-net 12, management application 22 maintains a descriptor table, for example file
descriptor table 32-0 of v-net 12, holding references to sockets 32-1 through 32-3 and to files, which are each associated
with specific application 22. Similarly, in v-net 14, DRP application 23 maintains descriptor table 33-0, holding
references to sockets 33-1 through 33-3 and to files associated with application 23, and SNMP application 24 maintains
descriptor table 34-0 holding references to sockets 34-1 through 34-3 and to files associated with application 24.
Likewise in v-net 16, DRP application 25 maintains descriptor table 35-0, holding references to sockets 35-1 through 35-3
and to files associated with application 25, and SNMP application 26 maintains descriptor table 36-0 holding references
to sockets 36-1 through 36-3 and to files associated with application 26.

[0017] Sockets are partitioned basically according to the domain in which communication takes place. Each of the
things done to the socket is interpreted in the context of the particular v-net in which the socket is created, and therefore
the socket carries that particular v-net identifier. The process has a v-net identifier, because when a process creates
a new socket, which it is able to do, each socket that it creates is then created in a process of that v-net identifier. For
example, if a process associated with v-net 0 creates a socket, then that socket is automatically associated with
v-net 0, gets its routing tables from v-net 0, and can then use all of the interfaces that are assigned to v-net 0. A process
can, however, change its v-net identifier and thereby its v-net association, for example by moving logically from v-net
0 to v-net 1, and can then create a new socket associated with v-net 1, which uses routing tables and interfaces of
v-net 1, which are disjoint with the interfaces for v-net 0.

[0018] Once a socket is created, it cannot be moved to another v-net, but remains in the domain in which it was
created. However, a process, by changing its v-net identifier, can then create sockets in multiple domains.
Consequently, a process can essentially communicate across domains by creating a socket in each one, but each socket,
throughout its existence, is fixed in its original domain. Multiple sockets created by a process are distinctly different
from a single socket that is simply interpreted in different ways. For example a single process can create ten distinct
sockets in one domain and five distinct sockets in another domain. For example, socket 35-4 is created in v-net domain
12 by DRP application 25 and carries v-net ID 13, although socket 35-4 is referenced in descriptor list 35-0 of DRP
application 25, which is now in v-net domain 16. Likewise, socket 33-4 is created in v-net domain 12 by DRP application
23 and thus carries v-net ID 13, although socket 33-4 is referenced in descriptor list 33-0, which is now in v-net domain
14. A socket is destroyed when a process exits or when a process closes down the communication end point
represented by that socket. After a socket is destroyed, it is no longer associated with any domain, and the memory
associated with it is freed.

[0019] If for example v-net 14 and v-net 16 are two networking domains of host router 10, and if v-net 14 is a production
network carrying live traffic with production code in it, or production network connections carrying real customer traffic,
then a socket associated with v-net 14 is operating in that v-net's space and has routing tables 48 for that v-net to route
live traffic. Consequently, if the socket were to select a particular IP address, that IP address would use production
routing tables 48. A different socket in a different v-net 16 is for example used for a small test bed and contains a
different set of routing tables 50. Accordingly, when a message is sent on v-net 16 with an IP address, that IP address
is interpreted in the context of v-net 16 running the small test bed.
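
The socket and routing behaviour of paragraphs [0017] to [0019] can be modelled in a few lines of C. This is an added example, not code from the patent or from FreeBSD: all struct and function names (vnets, ifaces, if_assign, route_add, proc_setvnet, vsock_create, vsock_route), the sample address, and the purging of old routes when an interface is moved are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define NVNET     3            /* 0 = internal management, 1 and 2 = virtual routers */
#define NIFACE    4
#define MAXROUTES 4
#define ADDR      0x0A000001u  /* 10.0.0.1, constructed; reused on purpose in two v-nets */

struct route { uint32_t dst; int ifindex; };  /* host route: address -> egress interface */
struct vnet  { struct route rt[MAXROUTES]; int nroutes; };
struct iface { int vnet_id; int up; };
struct proc  { int vnet_id; };
struct vsock { int vnet_id; };                /* copied once at creation, never rewritten */

static struct vnet  vnets[NVNET];
static struct iface ifaces[NIFACE];
static int valid_vnet(int id)  { return id >= 0 && id < NVNET; }
static int valid_iface(int ix) { return ix >= 0 && ix < NIFACE; }

/* Move an interface to another v-net; refused while it is up (traffic must be removed
 * first). Old-domain routes through it are purged (assumption of this example). */
int if_assign(int ifindex, int vnet_id)
{
    struct vnet *old;
    int i, n = 0;
    if (!valid_iface(ifindex) || !valid_vnet(vnet_id) || ifaces[ifindex].up)
        return -1;
    old = &vnets[ifaces[ifindex].vnet_id];
    for (i = 0; i < old->nroutes; i++)
        if (old->rt[i].ifindex != ifindex)
            old->rt[n++] = old->rt[i];
    old->nroutes = n;
    ifaces[ifindex].vnet_id = vnet_id;
    return 0;
}

/* A route may only egress through an interface owned by the same v-net. */
int route_add(int vnet_id, uint32_t dst, int ifindex)
{
    struct vnet *v;
    if (!valid_vnet(vnet_id) || !valid_iface(ifindex) || ifaces[ifindex].vnet_id != vnet_id)
        return -1;
    v = &vnets[vnet_id];
    if (v->nroutes == MAXROUTES)
        return -1;
    v->rt[v->nroutes].dst = dst;
    v->rt[v->nroutes++].ifindex = ifindex;
    return 0;
}

/* A process may change domains; sockets it already holds are not touched. */
int proc_setvnet(struct proc *p, int vnet_id)
{
    if (!valid_vnet(vnet_id))
        return -1;
    p->vnet_id = vnet_id;
    return 0;
}

/* A new socket inherits the creating process's current v-net. */
struct vsock vsock_create(const struct proc *p)
{
    struct vsock so = { p->vnet_id };
    return so;
}

/* Resolve dst in the socket's own v-net only; returns the egress interface or -1. */
int vsock_route(const struct vsock *so, uint32_t dst)
{
    const struct vnet *v = &vnets[so->vnet_id];
    int i;
    for (i = 0; i < v->nroutes; i++)
        if (v->rt[i].dst == dst && ifaces[v->rt[i].ifindex].up)
            return v->rt[i].ifindex;
    return -1;
}

/* Interface 1 serves v-net 1, interface 2 serves v-net 2; both route the same address. */
void example_setup(void)
{
    memset(vnets, 0, sizeof vnets);
    memset(ifaces, 0, sizeof ifaces);
    if_assign(1, 1); ifaces[1].up = 1;
    if_assign(2, 2); ifaces[2].up = 1;
    route_add(1, ADDR, 1);
    route_add(2, ADDR, 2);
}

int main(void)
{
    struct proc drp = { 1 };
    struct vsock a, b;
    example_setup();
    a = vsock_create(&drp);          /* created while the process is in v-net 1 */
    proc_setvnet(&drp, 2);
    b = vsock_create(&drp);          /* created after the move to v-net 2 */
    printf("a: if %d, b: if %d\n", vsock_route(&a, ADDR), vsock_route(&b, ADDR));
    return 0;
}
```

The same destination address resolves to a different egress interface depending only on the v-net the socket was created in, and a route cannot name an interface owned by another domain.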

[0020] Global variables are variables that are accessible to all the various logical contexts or threads of execution
that are running concurrently within an operating system. Thus a global variable is not on the stack of a particular
thread. Accordingly, all global variables are available to every process that is running within the operating system.
Global variables include at least at the top level, for example, the IP address of a machine or a copy of the routing
tables so that a process knows where to send packets. There are a certain set of global variables associated with the
networking code, and in order to make the networking codes support partitioning, the set of global variables associated
with networking are replicated, one copy 47 for each v-net domain, such that the operating system effectively contains,
rather than one copy of the networking data structures, N instantiations of the networking stack, replicating all the
various functions of the networking code, including replicated routing tables and replicated TCP control blocks linked
together throughout the basic data structure. Thus, effectively all of the important variables in the networking system
are replicated, so that they can be independently managed. This can be thought of as an operating system with N
instantiations of the networking system.

[0021] The basic approach of the v-net code is to take global variables that need to be replicated for each v-net
domain, and to make an array of them. As an example tcpstat, the tcp statistics structure, is declared in tcp_var.h as
struct tcpstat {...} and defined in tcp_input.c as struct tcpstat tcpstat. To have a separate set of statistics for each
v-net domain requires changing the definition to struct tcpstat tcpstat[NVNET] and changing all references to index by
the appropriate v-net domain number.

[0022] To make v-net facility a configuration option, the declarations and references are encapsulated in macros.
The macros generate arrays when v-nets are configured in and scalars when v-nets are deconfigured. As an example
the tcpstat declaration becomes VDECL (struct tcpstat, tcpstaT), in which the first macro argument is the type, and the
second macro argument is the name. It will be noted that the variable name is changed from tcpstat to tcpstaT. This
convention is followed throughout the global variable generation, i.e., variables that are virtualized and global across
more than one file are changed to have the final letter in their name capitalized. This is done for three reasons:

1) to differentiate global variables from local variables and/or types of the same name for readability,

2) to ensure that all references to global variables are fixed appropriately (by causing a compile error if the variable
name is not changed); and

3) to denote global variables plainly for possible future changes.

[0023] References to virtualized variables are made using one of two macros, _v(name), or _V(name, index), where
name is the variable name and index is the v-net domain index to be used. The macro _v uses a per CPU global index
variable vnetindex. It will be noted that all references to virtualized variables must be made with these macros, without
exception, so that the references are correct without requiring #ifdefs when v-nets are configured or deconfigured.
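
One way the macro scheme of paragraphs [0021] to [0023] could be written, as an added example that is not the patent's or FreeBSD's own code. VDECL, _v, _V, vnetindex, NVNET and tcpstaT are the names used above; the macro bodies, the VNET_CONFIGURED switch, the two-field struct, and the helpers vnet_switch, tcp_note_send, tcp_sndtotal and example_traffic are assumptions.

```c
#include <stdio.h>

#define VNET_CONFIGURED 1   /* assumption: name of the configuration switch */
#define NVNET 3             /* number of v-net domains */

#if VNET_CONFIGURED
#define VDECL(type, name)  type name[NVNET]      /* one copy per v-net */
#define _V(name, index)    (name[(index)])       /* explicit domain */
#define _v(name)           (name[vnetindex])     /* current domain */
#else
#define VDECL(type, name)  type name             /* plain scalar */
#define _V(name, index)    (name)
#define _v(name)           (name)
#endif

/* Two-field stand-in for the kernel's struct tcpstat. */
struct tcpstat {
    unsigned long tcps_sndtotal;
    unsigned long tcps_rcvtotal;
};

static int vnetindex;             /* per CPU in the text; one CPU modelled here */
VDECL(struct tcpstat, tcpstaT);   /* renamed tcpstat -> tcpstaT, so an unconverted
                                     reference to a variable tcpstat fails to compile */

/* Hypothetical helper: select the current domain. An unchecked index would let
 * _v() read or write past the array, so out-of-range values are rejected.
 * Returns the previous index, or -1 on error. */
int vnet_switch(int index)
{
    int prev = vnetindex;

    if (index < 0 || index >= NVNET)
        return -1;
    vnetindex = index;
    return prev;
}

/* Networking code touches statistics only through the macros, never by name. */
void tcp_note_send(void) { _v(tcpstaT).tcps_sndtotal++; }
void tcp_note_recv(void) { _v(tcpstaT).tcps_rcvtotal++; }

/* Management code reads a specific domain's copy with _V. */
unsigned long tcp_sndtotal(int index)
{
    if (index < 0 || index >= NVNET)
        return 0;
    return _V(tcpstaT, index).tcps_sndtotal;
}

/* Constructed traffic: three sends in v-net 1, one in v-net 2, none in v-net 0. */
void example_traffic(void)
{
    vnet_switch(1);
    tcp_note_send(); tcp_note_send(); tcp_note_send();
    vnet_switch(2);
    tcp_note_send();
    vnet_switch(0);
}

int main(void)
{
    int i;

    example_traffic();
    for (i = 0; i < NVNET; i++)
        printf("v-net %d: tcps_sndtotal = %lu\n", i, tcp_sndtotal(i));
    return 0;
}
```

With VNET_CONFIGURED set to 0 the same source compiles to a single scalar tcpstaT with no #ifdef at any point of use, which is the property paragraph [0023] requires.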

[0024] In addition to defining a methodology that handles virtualization of variables, a selection is needed of the
correct set of global variables to be replicated for each v-net domain, and the replicated variables need to be correctly
referenced by macros in the appropriate v-net domain. For example, global variables can be identified by using a script
that analyzes object (.o) files for the global variables they define, by code inspection, or by information from other
sources (see for example the tables of global variables in TCP/IP Illustrated, Volume 2: The Implementation, Gary R.
Wright and W. Richard Stevens, Addison-Wesley 1995, p. 64, 97, 128, 158, 186, 207, 248, 277, 305, 340, 383, 398,
437, 476, 572, 680, 715, 756, 797, 1028, and 1051).

[0025] The following Appendix A is basically a table of the global variables that are virtualized in some
implementations, listing the name and the purpose of the variable. The variables that are virtualized are generally marked
"virtualized" in the table. Although virtualized variables shown in the table are usually marked "virtualized," other variables
in the table have been analyzed but excluded from virtualization. All of the "virtualized" variables are essentially
replicated, such that each v-net maintains its own set of these variables. Then macros, program conventions that allow
textual substitution, are provided, such that everywhere a global variable is accessed, a replacement access is a
macro reference selected from the correct set of variables based on the correct v-net.

[0026] In the present embodiment, multiple networking domains are implemented by the same operating system,
unlike previous approaches, in which for example a computer is subdivided into virtual domains that partition the
hardware and run separate operating systems in each domain.

APPENDIX A. VARIABLE ANALYSIS

NOTE: In the Analysis/Disposition column, "Virtualized" means the variable becomes an array when vnets are
configured (see the description above); "Invariant" means a separate instance of the variable is not needed for
different vnet domains; and "Not Virtualized" means there was a choice about virtualization (e.g., whether a
Tunable could have a different value in different domains), but the choice was made not to virtualize the
variable.



10 


Variable 


Data Type 


Defining File 


Description 


Analysis/ 
Disposition 




Head 


static struct 
router info * 


igmp.c 


Head of routerjnfo linked list 


Virtualized. 


15 


Addmask_key 


static char * 


radix. c 


Temporary storage for 
m addmask. 


Invariant. 


arp_aIlocated 


static int 


if_ether.c 


Total number of llinfo_arp 
structures allocated. 


Virtualized. 




arp__inuse 


static int 


if_ether.c 


Current number of llinfo_arp 
structures in use. 


Virtualized. 


20 


arp_maxtnes 


static int 


if_ether.c 


Tunable. Maximum number of 
retries for an arp request. 


Tunable. Not 
vrrtualized. 




arpjroxyall 


static int 


if_cther.c 


Tunable. Enables foiTning a 
proxy for all arp requests. 


Tunable. Not 
vrrtualized. 


25 


arpinit_done 


static int 


ifetherx 


Indicates initialization is done. 


Invariant 
Initialization 
handles all 
vnets. 


30 


arpintrq 


struct ifqueue 


if^ether.c 


Arp interrupt request queue. 
Shared by all vnets. Vnet 

oWULUlllg W LLC LI pULLCU LKl 

queue. 


Invariant. 


arpt_down 


static int 


ifether.c 


Tunable. No. of seconds 
between ARP flooding 
algorithm. 


Tunable. Not 
virtualized. 




arptjceep 


static int 


if^ether.c 


Tunable. No. seconds ARP 
entry valid once resolved. 


Tunable. Not 
virtualized. 


35 


arpt_prunc 


static int 


if^ether.c 


Tunable. No. seconds between 
checking ARP list. 


Tunable. Not 
virtualized. 




bpfjbufsize 


static int 


bpf.c 


Tunable. 


Tunable. Not 
virtualized. 


40 


bpfcdevsw 


static struct 
cdevsw 


bpf.c 


Table of entry point function 
pointers. 


Invariant 




bpf devsw instal 
led 


static int 


bpf.c 


Initialization flag. 


Invariant 




bpf_dtab 


static struct 
bpf d 

(NBPFILTER) 


bpf.c 


Descriptor structure, one per 
open bpf device. 


Invariant. 


45 


bpf_dtab_init 


static int 


bpf.c 


Another initialization flag. 


Invariant. 



50 



55 
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Variable 


Data Type 


Defining File 


Description 


Analysis/ 
Disposition 


5 


bpf_iflist 


Siauu ouuti 

bpftf 


bpf.c 


Descriptor associated with each 
attached hardware interface. 


HI Vol LBJlL. 




clns_recvspace 


static ujong 


raw_clns.c 


Constant (patchable). Amount 
of receive space to reserve in 
socket. 


Not virtualized 


10 


clns_sendspace 


static ujong 


raw_clns.c 


Constant (patchable). Amount 
of send space to reserve in 
socket. 


Not virtualized 




clnsjisrreqs 


struct pr_usrreqs 


raw_clns.c 


Function pointers for cms user 
requests. 


Invariant. 


15 


clnsg 


struct clnsg Job 


raw_clns.c 


Global state associated with 
ray_clns.c, including list heads 
ana counters. 


Virtualized. 


20 


clnsintrq 


struct ifqueue 


raw_clns.c 


Clrts interrupt request queue, 
anarca oy an vneis. v nei 
switching done when removed 

Pmm nil Alio 
1IUII1 ljUCUC. 


Invariant 


clnssw 


struct protosw 


raw_clns.c 


Pointers to protocol entry 
points oc associaieu uaia. 


— : 

Invariant. 




counter 


static u int64 t 


ip_fw.c 


Counter for ipfw_report. 


Virtualized. 


25 


div_recvspace 


static u_long 


rp_divertx 


Amount of receive space to 

receive in mjc&ci. 


Invariant — 


div_sendspace 


static ujong 


tpdivert.c 


Amount of send space to 
reserve in sul&ci 


Invariant. 




divcb 


static struct 


ip__divertc 


Head of inpeb structures for 


Virtualized. 




divebinfo 


static struct 


ip_divert, c 


Pcbinfo structure for divert 


Virtualized. 


30 




t rtrs t*V\ in fif\ 
lUpwDIUlO 


piUltCsoUig. 






dst 


static struct 
sockaddr 


bpf.c 


Sockaddr prototype. 


Invariant. 




err_prefix 


cnaru 


ip_fw.c 


Constant string for printfs. 


Invariant. 


35 


etherbroadcastad 
dr 


u_char [6] 


if_ethersubr.c 


Constant. Ethernet broadcast 
link address. 


Invariant. 


expire upcalls c 
h 


static struct 
callout_handle 


ip mroute.c 


canoiii nanaie ior 
expire_upcalls. 


Virtualized. 




rcstab 


static u short 
[256] 


PPP_ tt Y- c 


constant, l aoie ior rco 
lookup. 


Invariant 


40 


nag_Qiven, pon 


static u_shotx 


ip__inpui.c 


jL/ivcn proiucui pun.. 

Conditionally compiled iwith 
EPDIVEfcT 


9 




fw debug 


static int 


ipfw.c j 


Tunable. Enables debug print. 


Not virtualized. 




fw_onejpass 


static int 


ip_fw.c 


Tunable. Enables accepting 
packet if passes first test 


Not virtualized. 


45 


fw_verbose 


static int 


ip_fw.c 


Tunable; controls verbosity of 
firewall debugging messages. 


Not virtualized. 




fw_verbose_limit 


static int 


ip_fw.c 


Tunable. Limits amount of 
logging. 


Not virtualized. 


50 


have encap tunn 
el 


static int 


ip_mroutex 


Indicates presence of an 
encapsulation tunnel. 


Virtualized 




icmpbmcastecho 


static int 


ip_icmp.c 


Tunable flag. Disables 
broadcasting of ICMP echo and 
timestamp packets. 


Not virtualized. 
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Data Type 


Defining File 


Description 


Analysis/ 
Disposition 


5 


icmpdst 


static struct 
sockaddr in 


rp_icmp.c 


Saves the source address for 
ifaof_ifpforaddr. 


Virtualized. 




lcmpgw 


static struct 
sockaddrjn 


ipjcmp.c 


Holds the ip source address in 
icmp_Jnput. 


Virtualized. 
May not be 
necessary 


10 


icmplim 


static int 


rp_icmp.c 


Tunable. ICMP error-response 
band with limiting sysctl. 


Not virtualized. 




icmpmaskrepl 


static int 


vp_icmp.c 


Tunable flag. Enables ICMP 
mask replacement 


Not virtualized. 




icmpprintfs 


int 


ipicmp.c 


Enables printfs in icmp code. 


Not virtualized. 


15 


lcmpsrc 


static struct 
sockaddrjn 


ip_icrrrp.c 


Holds the ip dest address in 
icmp_Jnput 


Virtualized. 
May not be 
necessary 




icmpstat | static struct icmpstat | ip_icmp.c | Icmp statistics. | Virtualized.
[illegible] | int | if.c | Number of configured interfaces. | Virtualized.
if_indexliM | static int | if.c | Number of entries in ifnet_addrS array. | Virtualized.
ifneT | struct ifnethead | if.c | Head of list of ifnet structures. | Virtualized.
ifnet_addrS | struct ifaddr ** | if.c | Array of pointers to link level interface addresses. | Virtualized.
ifqmaxlen | int | if.c | Constant. Maximum queue length for interface queue. | Invariant.
igmp_all_hosts_group | static u_long | igmp.c | Host order of INADDR_ALLHOSTS_GROUP constant | Invariant
igmp_all_rtrs_group | static u_long | igmp.c | Host order of INADDR_ALLRTS_GROUP constant. | Invariant
igmp_timers_are_running | static int | igmp.c | Flag indicating any igmp timer is active. | Virtualized.
igmprt | static struct route | igmp.c | Temporary variable. | Invariant
igmpstat | static struct igmpstat | igmp.c | Igmp statistics. | Virtualized.
in_ifaddrheaD | struct in_ifaddrhead | ip_input.c | Head of in_ifaddr structure list | Virtualized.
in_interfaces | static int | in.c | Incremented each time a non-loopback interface is added to in_ifaddrheaD. Not read | Invariant. Never read. Dead code.
in_multiheaD | struct in_multihead | in.c | Head of list of in_multi structures (multicast address). | Virtualized.
inetctlerrmap | u_char [] | ip_input.c | Array of constants (error numbers). | Invariant.
inetdomain | struct domain | in_proto.c | Pointers to switch table, initialization, etc. for internet domain. | Invariant.
inetsw | struct protosw | in_proto.c | Pointers to entry points for various internet protocols. | Invariant
inited | static int | if.c | Flag indicating initialization has been performed. Initialization does all vnets. | Invariant.

Variable | Data Type | Defining File | Description | Analysis/Disposition


ip_acceptsourceroute | static int | ip_input.c | Tunable flag. Enables acceptance of source routed packets. | Tunable. Not virtualized.
ip_defttl | int | ip_input.c | Tunable. Default time to live from RFC 1340. | Tunable. Not virtualized.
ip_divert_cookiE | u_int16_t | ip_divert.c | Cookie passed to user process. | Virtualized.
ip_divert_porT | u_short | ip_divert.c | Global "argument" to div_input. Used to avoid changing prototype. | Virtualized
ip_dosourceroute | static int | ip_input.c | Tunable flag. Enables acting as a router. | Tunable. Not virtualized.
ip_fw_chaiN | struct ip_fw_head | ip_fw.c | Head of ip firewall chains. | Virtualized.
ip_fw_chk_ptr | ip_fw_chk_t * | ip_input.c | IP firewall function callout pointer, value depends on loading fw module. | Invariant
ip_fw_ctl_ptr | ip_fw_ctl_t * | ip_input.c | IP firewall function callout pointer, value depends on loading fw module. | Invariant
ip_fw_default_rulE | struct ip_fw_chain * | ip_fw.c | Pointer to default rule for firewall processing. | Virtualized.
ip_fw_fwd_addR | struct sockaddr_in * | ip_input.c | IP firewall address. | Virtualized.
ip_iD | u_short | ip_output.c | IP packet identifier (increments). | Virtualized.
ip_mcast_src | u_long (*)(int) | ip_mroute.c | Pointer to function; selection depends on compile options. | Invariant.
ip_mforward | int (*)(struct ip *, struct ifnet *, ...) | ip_mroute.c | Function pointer set by module installation. | Invariant.
ip_mrouteR | struct socket * | ip_mroute.c | Socket of multicast router program. | Virtualized.
ip_mrouter_done | int (*)(void) | ip_mroute.c | Function pointer set by module installation. | Invariant.
ip_mrouter_get | int (*)(struct socket *, struct sockopt *) | ip_mroute.c | Function pointer selected by compile options. | Invariant.
ip_mrouter_set | int (*)(struct socket *, struct sockopt *) | ip_mroute.c | Function pointer selected by compile options. | Invariant.
ip_nat_ctl_ptr | ip_nat_ctl_t * | ip_input.c | IP firewall function callout hook; set by module install. | Invariant
ip_nat_ptr | ip_nat_t * | ip_input.c | IP firewall function callout hook; set by module install. | Invariant.
ip_nhops | static int | ip_input.c | Hop count for previous source route. | Virtualized.
ip_protox | u_char [PROTO_MAX] | ip_input.c | Maps protocol numbers to inetsw array. | Invariant.
ip_rsvpD | struct socket * | ip_input.c | Pointer to socket used by rsvp daemon. | Virtualized.
ip_rsvp_on | static int | ip_input.c | Boolean indicating rsvp is active. | Virtualized.
ip_srcrt | struct ip_srcrt | ip_input.c | Previous source route. | Virtualized.
ipaddR | struct sockaddr_in | ip_input.c | Holds ip destination address for option processing. | Virtualized.

Variable | Data Type | Defining File | Description | Analysis/Disposition


ipflowS | static struct ipflowhead | ip_flow.c | Hash table head for ipflow | Virtualized.
ipflow_active | static int | ip_flow.c | Tunable. Enables fast-forwarding flow code. | Invariant.
ipflow_inuse | static int | ip_flow.c | Count of active flow structures. | Virtualized.
ipforward_rt | static struct route | ip_input.c | Cached route for ip forwarding. | Virtualized.
ipforwarding | int | ip_input.c | Tunable that enables ip forwarding. | Virtualized.
ipintrq | struct ifqueue | ip_input.c | Ip interrupt request queue for when packets [illegible] | Invariant
ipport_firstauto | static int | ip_pcb.c | Bounds on ephemeral ports. | Invariant.
ipport_hifirstauto | static int | ip_pcb.c | Bounds on ephemeral ports. | Invariant.
ipport_hilastauto | static int | ip_pcb.c | Bounds on ephemeral ports. | Invariant.
ipport_lastauto | static int | ip_pcb.c | Bounds on ephemeral ports. | Invariant.
ipport_lowfirstauto | static int | ip_pcb.c | Bounds on ephemeral ports. | Invariant
ipport_lowlastauto | static int | ip_pcb.c | Bounds on ephemeral ports. | Invariant
ipprintfs | static int | ip_input.c | Flag for debug print. | Invariant.
ipq | static struct ipq [IPREASS_NHASH] | ip_input.c | Head of ip reassembly hash lists. | Virtualized.
ipqmaxlen | [illegible] | ip_input.c | Patchable constant that sets maximum queue length for ipintrq. | Invariant
ipsendredirects | static int | ip_input.c | Tunable that enables sending redirect messages. | Invariant
ipstaT | struct ipstat | ip_input.c | Ip statistics counters. | Virtualized.
k_igmpsrc | static struct sockaddr_in | ip_mroute.c | Prototype sockaddr_in. | Invariant
last_adjusted_timeout | static int | ip_rmx.c | Time value of last adjusted timeout. | Virtualized.
last_encap_src | static u_long | ip_mroute.c | Cache of last encapsulated source address? | Virtualized.
last_encap_vif | struct vif * | ip_mroute.c | Last encapsulated volume tag (vif). | Virtualized.
last_zeroed | static int | radix.c | Number of bytes zeroed last time in addmask_key. | Invariant
legal_vif_num | int (*)(int) | ip_mroute.c | Pointer to function selected by module installation. | Invariant.
llinfo_arp | struct llinfo_arp_head | if_ether.c | Head of llinfo_arp linked list. | Virtualized.
log_in_vain | static int | tcp_input.c, udp_usrreq.c | Tunables that enable logging of "in vain" connections. | Invariant
loif | struct ifnet [NLOOP] | if_loop.c | Array of ifnet structs for loopback device. One per device, therefore invariant. | Invariant.
mask_rnhead | struct radix_node_head * | radix.c | Head of mask tree. | Invariant.
max_keylen | static int | radix.c | Maximum key length of any domain. | Invariant

Variable | Data Type | Defining File | Description | Analysis/Disposition


maxnipq | static int | ip_input.c | Constant (nmbclusters/4) that is maximum number of ip fragments waiting assembly. Note: should this be scaled by VNET? | Invariant? Scaled?
mfctable | static struct mfc * [MFCTBLSIZ] | ip_mroute.c | Head of mfc hash table. | Virtualized.
mrt_ioctl | int (*)(int, caddr_t, struct proc *) | ip_mroute.c | Function pointer selected by module initialization. | Invariant.
mrtdebug | static u_int | ip_mroute.c | Enables debug log messages. | Invariant.
mrtstat | static struct mrtstat | ip_mroute.c | Multicast routing statistics. | Virtualized.
mtutab | static int [] | ip_icmp.c | Static table of constants. | Invariant
multicast_decap_if | static struct ifnet [MAXVIFS] | ip_mroute.c | Fake encapsulator interfaces. | Virtualized.
multicast_encap_iphdr | static struct ip | ip_mroute.c | Multicast encapsulation header. | Invariant.
nexpire | static u_char [MFCTBLSIZ] | ip_mroute.c | Count of number of expired entries in hash table? | Virtualized.
nipq | static int | ip_input.c | Number of ip fragment chains awaiting reassembly. | Virtualized.
normal_chars | static char [] | radix.c | Static table of mask constants. | Invariant.
nousrreqs | static struct pr_usrreqs | in_proto.c, ipx_proto.c | Static structure of null function pointers. | Invariant.
null_sdl | static struct sockaddr_dl | if_ether.c | Static null sockaddr_dl structure. | Invariant.
numvifs | static vifi_t | ip_mroute.c | Number of virtual interface structures. | Virtualized.
old_chk_ptr | static ip_fw_chk_t | ip_fw.c | Function pointer holding previous state when module loads. | Invariant
old_ctl_ptr | static ip_fw_ctl_t | ip_fw.c | Function pointer holding previous state when module loads. | Invariant
paritytab | static unsigned [8] | ppp_tty.c | Static array of parity constants. | Invariant
pim_assert | static int | ip_mroute.c | Enables pim assert processing. | Virtualized.
ppp_compressors | static struct compressor [8] | if_ppp.c | Static list of known ppp compressors. | Invariant
ppp_softc pppdisc | struct ppp_softc [NPPP] | if_ppp.c | Array of softc structures for ppp driver, one per device. | Invariant
raw_recvspace | static u_long | raw_cb.c | Patchable constant that is amount of receive space to reserve in socket | Invariant.
raw_sendspace | static u_long | raw_cb.c | Patchable constant that is amount of send space to reserve in socket. | Invariant.
raw_usrreqs | struct protosw | raw_usrreq.c | Table of function pointers. | Invariant.
rawcb_lisT | struct rawcb_list_head | raw_cb.c | Head of rawcb (raw protocol control blocks) list | Virtualized.
rawclnsdomain | struct domain | raw_clns.c | Table of function pointers. | Invariant.

Variable | Data Type | Defining File | Description | Analysis/Disposition


rip_recvspace | static u_long | raw_ip.c | Tunable, amount of receive space to reserve in socket. | Tunable. Not virtualized.
rip_sendspace | static u_long | raw_ip.c | Tunable, amount of send space to reserve in socket | Tunable. Not virtualized.
rip_usrreqs | struct pr_usrreqs | raw_ip.c | Table of function pointers. | Invariant.
ripcb | static struct inpcbhead | raw_ip.c | Head of raw ip control blocks | Virtualized.
ripcbinfo | struct inpcbinfo | raw_ip.c | Pcb info structure for raw ip. | Virtualized.
ripsrc | static struct sockaddr_in | raw_ip.c | Static temporary variable in rip_input | Invariant.
rn_mkfreelist | static struct radix_mask * | radix.c | Cache of free radix_mask structures. | Invariant
rn_ones | static char * | radix.c | One mask computed from maximum key length. | Invariant
rn_zeros | static char * | radix.c | Zeros mask computed from maximum key length. | Invariant
ro | static struct route ro | ip_mroute.c | Temporary variable to hold route. | Invariant
route_cB | struct route_cb | route.c | Counts on the number of routing socket listeners per protocol | Virtualized.
route_dst | static struct sockaddr route | rtsock.c | Null address structure for destination. | Invariant.
route_proto | static struct sockproto | rtsock.c | Static prototype of structure used to pass routing info. | Invariant
route_src | static struct sockaddr | rtsock.c | Null address structure for source. | Invariant.
route_usrreqs | static struct pr_usrreqs | rtsock.c | Table of function pointers for entry points. | Invariant
routedomain | struct domain | rtsock.c | Table of function pointers for entry points. | Invariant.
router_alert | static struct mbuf * | igmp.c | Statically constructed router alert option. | Invariant.
routesw | struct protosw | rtsock.c | Table of function pointers for entry points. | Invariant.
rsvp_oN | int | ip_input.c | Count of number of open rsvp control sockets. | Virtualized.
rsvp_src | static struct sockaddr_in | ip_mroute.c | Sockaddr prototype. | Invariant.
rsvpdebug | static u_int | ip_mroute.c | Enables debug print. | Invariant.
rt_tableS | struct radix_node_head * [AF_MAX+1] | route.c | Head of the routing tables (a table per address family.) | Virtualized.
rtq_minreallyold | static int | in_rmx.c | Tunable; minimum time for old routes to expire. | Invariant
rtq_reallyold | static int | in_rmx.c | Amount of time before old routes expire. | Virtualized.
rtq_timeout | static int | in_rmx.c | Patchable constant timeout value for walking the routing tree. | Invariant
rtq_toomany | static int | in_rmx.c | Tunable that represents the number of active routes in the tree. | Invariant

Variable | Data Type | Defining File | Description | Analysis/Disposition




rtstaT | struct rtstat | route.c | Routing statistics structure. | Virtualized.
rttrash | static int | route.c | Number of rtentrys not linked to the routing table. Never read, dead code. | Dead code. Not virtualized
sa_zero | struct sockaddr | rtsock.c | Zero address return in error conditions. | Invariant
sin | static struct sockaddr_inarp | if_ether.c, ip_mroute.c | Sockaddr prototype passed to rtalloc1. | Invariant
sl_softc | static struct sl_softc [NSL] | if_sl.c | Softc structure for slip driver; one per device. | Invariant
slipdisc | static struct linesw | if_sl.c | Table of function pointers to slip entry points. | Invariant
srctun | static int | ip_mroute.c | Counter throttling error message to log. | Invariant
subnetsarelocal | static int | in.c | Tunable flag indicating subnets are local. | Virtualized.
tbfdebug | static u_int | ip_mroute.c | Tbf debug level. | Invariant
tbftable | static struct tbf [MAXVIFS] | ip_mroute.c | Token bucket filter structures. | Virtualized.
tcB | struct inpcbhead | tcp_input.c | Head structure for tcp pcb structures. | Virtualized.
tcbinfO | struct inpcbinfo | tcp_input.c | PCB info structure for tcp | Virtualized.
tcp_backoff | int [] | tcp_timer.c | Table of times for tcp backoff processing. | Invariant.
tcp_ccgeN | tcp_cc (u_int32_t) | tcp_input.c | Connection count (per rfc 1644). | Virtualized.
tcp_delack_enabled | int | tcp_input.c | Tunable that enables delayed acknowledgments. | Tunable. Not virtualized.
[illegible] | [illegible] | tcp_subr.c | Tunable enables rfc 1323 (window scaling and timestamps) | Tunable. Not virtualized.
tcp_do_rfc1644 | static int | tcp_subr.c | Tunable enables rfc 1644. | Tunable. Not virtualized.
tcp_keepcnt | static int | tcp_timer.c | Patchable constant for maximum number of probes before a drop | Invariant.
tcp_keepidle | int | tcp_timer.c | Tunable value for keep alive idle timer. | Tunable. Not virtualized.
tcp_keepinit | int | tcp_timer.c | Tunable value for initial connect keep alive. | Tunable. Not virtualized.
tcp_maxidle | int | tcp_timer.c | Product of tcp_keepcnt * tcp_keepintvl; recomputed in slow timeout. | Invariant.
tcp_maxpersistidle | static int | tcp_timer.c | Patchable constant that is default time before probing. | Invariant.
tcp_mssdflt | int | tcp_subr.c | Tunable default maximum segment size. | Tunable. Not virtualized.
tcp_noW | u_long | tcp_input.c | 500 msec. counter for RFC 1323 timestamps. | Virtualized.
tcp_outflags | u_char [TCP_NSTATES] | tcp_fsm.h | Static table of flags in tcp_output | Invariant.
tcp_rttdflt | static int | tcp_subr.c | Tunable. Dead code, value not accessed. | Invariant. Dead code.


tcp_sendspace | u_long | tcp_usrreq.c | Tunable value for amount of send space to reserve on socket | Tunable. Not virtualized.
tcp_totbackoff | static int | tcp_timer.c | Sum of tcp_backoff. | Invariant.
tcp_usrreqs | struct pr_usrreqs | tcp_usrreq.c | Table of function pointers for tcp user request functions. | Invariant.
tcprexmtthresh | static int | tcp_input.c | Patchable constant; number of duplicate acks to trigger fast retransmit. | Invariant.
tcpstaT | struct tcpstat | tcp_input.c | TCP statistics structure. | Virtualized.
tun_cdevsw | struct cdevsw | if_tun.c | Table of function pointers for tunnel interface entry points. | Invariant
tun_devsw_installed | static int | if_tun.c | Flag indicating tun devsw table installed | Invariant
tunctl | static struct tun_softc [NTUN] | if_tun.c | Softc structure for tunnel interface; one per device. | Invariant
tundebug | static int | if_tun.c | Flag enables debug print. | Invariant
udb | static struct inpcbhead | udp_usrreq.c | UDP inpcb head structure. | Virtualized.
udbinfo | static struct inpcbinfo | udp_usrreq.c | UDP inpcb info structure. | Virtualized.
udp_in | static struct sockaddr_in | udp_usrreq.c | Prototype sockaddr for AF_INET. | Invariant.
udp_recvspace | static u_long | udp_usrreq.c | Tunable; amount of receive space to reserve on socket | Tunable. Not virtualized.
udp_sendspace | static u_long | udp_usrreq.c | Tunable; amount of send space to reserve on socket. | Tunable. Not virtualized.
udp_usrreqs | struct pr_usrreqs | udp_usrreq.c | Table of function pointers for entry points. | Invariant.
udpcksum | static int | udp_usrreq.c | Tunable; enables udp checksumming. | Tunable. Not virtualized.
udpstat | struct udpstat | udp_usrreq.c | Udp statistics structure. | Virtualized.
useloopback | static int | if_ether.c | Tunable; enables use of loopback device for localhost | Tunable. Not virtualized.
version | static int | ip_mroute.c | Version number of MRT protocol. | Invariant
viftable | static struct vif [MAXVIFS] | ip_mroute.c | Table of vifs (virtual interface structure). | Virtualized
zeroin_addr | struct in_addr | in_pcb.c | Zero'd internet address. | Invariant
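The dispositions in the table above can be seen at work in the following C example, which is added here and is not code from the patent or from FreeBSD. It keeps the virtualized variables ip_id and nipq as per-v-net replicas reached through macro references while the invariant maxnipq stays shared, so the fragment bound for the whole router becomes NVNET * maxnipq, which is the scaling question the maxnipq row raises. NVNET, cur_vnet, struct vsocket, the vnet_* helpers, the replica-array names ip_iD and nipQ, and the limit value 4 are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#define NVNET 3                 /* assumed number of virtual router domains */

/* "Virtualized" rows: one replica per v-net, indexed by v-net ID. */
static uint16_t ip_iD[NVNET];   /* IP packet identifier (increments) */
static int      nipQ[NVNET];    /* fragment chains awaiting reassembly */

/* "Invariant" row: one copy shared by every v-net (constructed value). */
static int maxnipq = 4;

/* Hypothetical selector: v-net of the context now running in the stack. */
static int cur_vnet;

/* Macro references let legacy code keep using the old global names. */
#define ip_id (ip_iD[cur_vnet])
#define nipq  (nipQ[cur_vnet])

/* Socket tagged with the v-net it was created in (hypothetical layout). */
struct vsocket { int vnet_id; };

/* Legacy-style routines: unaware of v-nets, they name "globals" as before. */
static uint16_t next_ip_id(void) { return ip_id++; }

static int queue_fragment_chain(void)   /* 1 = queued, 0 = limit reached */
{
    if (nipq >= maxnipq) return 0;
    nipq++;
    return 1;
}

/* Select the socket's v-net; reject IDs that would index past the replicas. */
static int vnet_enter(const struct vsocket *so)
{
    if (so->vnet_id < 0 || so->vnet_id >= NVNET) return -1;
    cur_vnet = so->vnet_id;
    return 0;
}

static int vnet_send(const struct vsocket *so, uint16_t *id_out)
{
    if (vnet_enter(so) != 0) return -1;
    *id_out = next_ip_id();
    return 0;
}

/* Offer `attempts` fragment chains to one v-net; return how many it queued. */
static int vnet_fill_fragments(const struct vsocket *so, int attempts)
{
    int queued = 0;
    if (vnet_enter(so) != 0) return -1;
    while (attempts-- > 0) queued += queue_fragment_chain();
    return queued;
}

/* Chains held router-wide: bounded by NVNET * maxnipq, not by maxnipq alone. */
static int total_fragment_chains(void)
{
    int sum = 0;
    for (int v = 0; v < NVNET; v++) sum += nipQ[v];
    return sum;
}

int main(void)
{
    struct vsocket a = { 0 }, b = { 1 };
    uint16_t id = 0;
    vnet_fill_fragments(&a, 10);   /* v-net 0 reaches its limit */
    vnet_send(&b, &id);            /* v-net 1 is unaffected */
    printf("v-net 1 ip_id=%u, chains held=%d\n", (unsigned)id, total_fragment_chains());
    return 0;
}
```

A reassembly queue filled in one v-net leaves the others able to queue fragments, but memory sizing has to assume every v-net can reach the shared limit at once.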



[0027] Although the present invention and its advantages have been described in detail, it should be understood that various changes, substitutions and alterations can be made herein without departing from the spirit and scope of the invention as defined by the appended claims. Moreover, the scope of the present application is not intended to be limited to the particular embodiments of the process, machine, manufacture, composition of matter, means, methods and steps described in the specification. As one of ordinary skill in the art will readily appreciate from the disclosure of the present invention, processes, machines, manufacture, compositions of matter, means, methods, or steps, presently existing or later to be developed that perform substantially the same function or achieve substantially the same result as the corresponding embodiments described herein may be utilized according to the present invention. Accordingly, the appended claims are intended to include within their scope such processes, machines, manufacture, compositions of matter, means, methods, or steps.



Claims

1. A system of virtual router domains comprising:

a host router 10 running a common operating system 18, 20;

a plurality of virtual router domains 12, 14, 16 and processes 22, 23, 24, 25, 26 logically partitioned within said host router, each said virtual router domain having a unique domain ID address 13, 15, 17 and an independent replica array of all virtualized variables across said common operating system, each said process running in a said virtual router domain independently of all other said virtual router domains on top of said common operating system; and

said global variables being accessed by macro references in each said virtual router domain.

2. The system of claim 1 wherein said common operating system runs on a master control processor within said host router.

3. The system of claim 1 wherein said plurality of processes comprise routing software applications 23, 24, 25, 26.

4. The system of claim 1 further comprising a plurality of interfaces 42, 43, 45 partitioned interchangeably among said virtual router domains, such that a particular interface is associated with only one such virtual router domain at one time, but can be repartitioned among said virtual router domains to reconfigure said host router.

5. The system of claim 4 wherein said interface is an interface port of said host router.

6. The system of claim 5 further comprising a socket 32, 33, 34, 35, 36 created by at least one said process, said socket being associated exclusively with the virtual router domain in which it is created and containing said unique domain ID address of said domain in which it is created.

7. The system of claim 6 wherein each of said virtual router domains maintains an independent routing table 46, 48, 50.

8. The system of claim 7 wherein each said socket uses the routing table of said virtual router domain in which said socket is created.

9. The system of claim 8 wherein a failure of one of said plurality of said virtual router domains does not adversely affect a different one of said plurality of said virtual router domains.

10. A method of logically partitioning a host router 10 into virtual router domains 12, 14, 16, comprising:

configuring the kernel 20 of a single common operating system 18, 20 running in said host router 10;

configuring in a plurality of virtual router domains 12, 14, 16 within said host router;

identifying each said virtual router domain by a unique domain index number 13, 15, 17;

generating an independent identical set of replica arrays of global variables for each virtual router domain; and

associating a process 22, 23, 24, 25, 26 with each said virtual router domain of said host router, such that said processes run in said virtual router domains independently of one another on top of said single common operating system of said host router.
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